partition Archives

Winsage

June 1, 2026

Microsoft fixes KB5089549 Windows security update install issues

Microsoft resolved an issue causing installation failures and error code 0x800f0922 during the deployment of the May 2026 Windows 11 security update (KB5089549), which was linked to insufficient free space on the EFI System Partition (ESP). The problem mainly affected devices with 10 MB or less available space, leading to automatic rollbacks of the update. The resolution was provided through the release of the Windows 11 KB5089573 preview cumulative update on May 26, 2026. Users installing updates released on or after this date will not need a workaround, while those with earlier updates can use the Known Issue Rollback feature. Additionally, IT administrators in enterprise settings can manually address the issue through Group Policy configurations. The KB5089573 update introduced 30 changes to improve performance and reliability.

Winsage

June 1, 2026

Microsoft confirms Windows 11 update is failing on some PCs, explains if you need a workaround

Microsoft has identified the root cause of installation issues related to the May 2026 update for Windows operating system and is rolling out a solution through an optional update, KB5089573. The May 12, 2026, Patch Tuesday update (KB5089549) introduced enhancements but many users faced installation failures due to error code “0x800f0922,” indicating insufficient space on the EFI System Partition (ESP). The ESP is critical for boot files and typically occupies around 256MB. Users can check ESP storage using a specific command. Low ESP space can lead to update failures, particularly when it drops below 10MB. Microsoft has rolled back problematic code and provided a fix in the optional update KB5089573, which resolves ESP space issues and ensures future updates will proceed smoothly. Users are encouraged to install this update or wait for the next scheduled Patch Tuesday update on June 9, 2026.

Winsage

May 28, 2026

Microsoft tests the 15-character limit of Windows Server admins’ patience

Windows Server 2016 has a bug introduced by the May 12 security update that affects servers with hostnames exactly 15 characters long, causing errors in domain controller discovery. Specifically, calling the DCLocator results in an ERRORINVALIDPARAMETER, hindering applications and tools from locating a domain controller. This issue impacts features like Distributed File System (DFS) Namespace management. Microsoft has not provided a workaround but suggests changing the hostname length. Windows Server 2016 is officially supported until January 12, 2027, with extended support options available. Despite representing only 2.2 percent of all Windows devices, it accounts for 20.3 percent of all servers. Additionally, the May 2026 security update has caused installation failures on some Windows 11 devices due to insufficient EFI System Partition size.

Winsage

May 28, 2026

Windows Server 2016 fails to find domain controller

Microsoft has acknowledged an issue with the May 2026 security update for Windows Server 2016, affecting systems with hostnames of exactly 15 characters, which leads to failed domain controller (DC) lookups. The error occurs during DC lookups, specifically returning the error code ERRORINVALIDPARAMETER. Servers with 14 or 16 character hostnames are not affected. Administrators may face challenges with DFS Namespace management and other functions reliant on DC access. Microsoft is investigating the issue but has not provided a timeline for a fix. Windows Server 2016's mainstream support ended in January 2022, but extended support will continue until January 2027.

Winsage

May 26, 2026

Microsoft: Domain Controller lookup may fail on Windows Server 2016

Microsoft has acknowledged an issue affecting Windows Server 2016 systems related to domain controller lookups after the installation of the KB5087537 security update released in May 2026. The problem occurs specifically for devices with hostnames that are exactly 15 characters long, causing domain controller discovery to fail and resulting in an ERRORINVALIDPARAMETER during DCLocator calls. This issue may disrupt administrative operations that depend on domain controller lookups, such as DFS Namespace management. Microsoft is investigating the issue but has not provided a timeline for resolution.

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Tech Optimizer

May 21, 2026

PostgreSQL Flaws Expose Databases to Remote Code Execution and SQL Injection

PostgreSQL has released versions 18.4, 17.10, 16.14, 15.18, and 14.23 to address 11 security vulnerabilities and over 60 bugs. The vulnerabilities affect PostgreSQL versions 14 through 18 and include issues such as remote code execution, SQL injection, and denial-of-service risks. Specific vulnerabilities include: - CVE-2026-6472: Missing authorization in CREATE TYPE allows query hijacking. - CVE-2026-6473: Integer wraparound leads to out-of-bounds writes and server crashes. - CVE-2026-6474: Format string issue leaks server memory. - CVE-2026-6475: Symlink attack allows overwriting arbitrary files. - CVE-2026-6476: SQL injection allows execution of arbitrary SQL as superuser. - CVE-2026-6477: Memory buffer overwrite via libpq lo_* functions. - CVE-2026-6478: Timing attack exposes MD5-hashed passwords. - CVE-2026-6479: SSL/GSS recursion flaw allows denial-of-service. - CVE-2026-6575: Buffer over-read leaks memory data (PostgreSQL 18 only). - CVE-2026-6637: Refint module enables stack overflow and SQL injection, leading to possible RCE. - CVE-2026-6638: SQL injection in REFRESH PUBLICATION via table names. Organizations are advised to upgrade to the latest versions, avoid MD5 password authentication, restrict privileges, audit extensions, and monitor for abnormal activity. PostgreSQL 14 will reach its end-of-life on November 12, 2026.

Winsage

May 20, 2026

Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has addressed the YellowKey vulnerability, a zero-day flaw in Windows BitLocker identified as CVE-2026-45585. This vulnerability allows unauthorized access to BitLocker-protected drives through a specific exploitation process involving 'FsTx' files. The flaw was disclosed by an anonymous researcher known as 'Nightmare Eclipse.' Microsoft has released mitigation strategies, including removing the autofstx.exe entry from the Session Manager's BootExecute REGMULTISZ value and reestablishing BitLocker trust for WinRE. Additionally, users are advised to change BitLocker settings from "TPM-only" to "TPM+PIN" mode, requiring a pre-boot PIN for drive decryption, and to enable "Require additional authentication at startup" for unencrypted devices.

Winsage

May 20, 2026

Microsoft confirms Windows 11’s May 2026 update is failing to install with error 0x800f0922 and outlines a mitigation for affected PCs

Microsoft has acknowledged installation issues with the May 2026 Security Update for Windows 11, specifically error code 0x800f0922, affecting devices on versions 24H2 and 25H2 after installing update (KB5089549) released on May 12. The failures occur during the reboot phase, often around 35 percent, primarily on devices with 10MB or less free space in the EFI System Partition (ESP). For consumer and unmanaged business devices, Microsoft has implemented a Known Issue Rollback (KIR), and restarting the computer may resolve the issue. For managed devices, network administrators must manually deploy a Group Policy workaround. Microsoft suggests modifying a Registry value to decrease reserved padding in the EFI partition as a potential fix, along with restarting the computer and checking for updates. A permanent solution is planned for a future Windows update.

Winsage

May 19, 2026

Yet Another Windows Update Done In By The EFI System Partition

The EFI System Partition (ESP) is an important part of modern computing that users are generally advised to avoid tampering with. Insufficient space on the EFI partition can lead to ambiguous error messages during updates, particularly with Microsoft’s security updates. The EFI partition is typically mapped to drive Y:, but may also be assigned to Z: or other letters. In some cases, such as transitioning from Windows 10 to Windows 11, users may need to access the EFI partition, where one solution involves removing TrueType Font (TTF) files under EFIMicrosoftBootFonts. However, caution is advised when handling the EFI partition, as mistakes can prevent the operating system from booting.